dproxy-nexgen
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-33990 | Hig | 0.49 | 7.5 | 0.01 | Aug 15, 2022 | Misinterpretation of special domain name characters in dproxy-nexgen (aka dproxy nexgen) leads to cache poisoning because domain names and their associated IP addresses are cached in their misinterpreted form. | ||
| CVE-2022-33991 | Med | 0.35 | 5.3 | 0.01 | Aug 15, 2022 | dproxy-nexgen (aka dproxy nexgen) forwards and caches DNS queries with the CD (aka checking disabled) bit set to 1. This leads to disabling of DNSSEC protection provided by upstream resolvers. | ||
| CVE-2007-1866 | 0.04 | — | 0.10 | Apr 4, 2007 | Stack-based buffer overflow in the dns_decode_reverse_name function in dns_decode.c in dproxy-nexgen allows remote attackers to execute arbitrary code by sending a crafted packet to port 53/udp, a different issue than CVE-2007-1465. |
- risk 0.49cvss 7.5epss 0.01
Misinterpretation of special domain name characters in dproxy-nexgen (aka dproxy nexgen) leads to cache poisoning because domain names and their associated IP addresses are cached in their misinterpreted form.
- risk 0.35cvss 5.3epss 0.01
dproxy-nexgen (aka dproxy nexgen) forwards and caches DNS queries with the CD (aka checking disabled) bit set to 1. This leads to disabling of DNSSEC protection provided by upstream resolvers.
- CVE-2007-1866Apr 4, 2007risk 0.04cvss —epss 0.10
Stack-based buffer overflow in the dns_decode_reverse_name function in dns_decode.c in dproxy-nexgen allows remote attackers to execute arbitrary code by sending a crafted packet to port 53/udp, a different issue than CVE-2007-1465.